Info War

Precision
Strike

Project & Protect th

Sustain Force
Information w

Power

Operate in an unpredictable and changing environment, throughout
the  depth  (and  altitude)  of  the  Battle  Space  (all  the  way  back  to  the  CONUS  and/or  forward  base); 

Simultaneously  execute,  mount,  and  recover  from  operations  ranging  from  war  to  PKO; 
orchestrate  all  the  operating  systems;  and  do  all  of  this  very,  very  quickly 


The  quantum  competitive  advantage 

will  derive  from  the  quantity,  quality  and  usability  of  the  information 

The  architecture  of  Force  XXI  must  derive  from  a 


robust,  versatile  concept  of  information  based  Battle 


Command. 


GEN  Gordon  R.  Sullivan 


March  1994 


America's Army Into the 21st Century


As of: 5/24/95


Force  XXI 

The  Army  of  the  21st  Centu 
We will Create Learning
Organizations 

•  Organized  around  information  — 
not  hardware 

•  Inherently  versatile  at  every  level 

•  Simultaneously  execute,  plan, 
recover-continuous  operations 


• Leverage skip echelon and split
based operations

Redesign the Force

Shared situational awareness, not
the  same  map  sheet,  the  same  map 


C2 Protect - "Keeping The Highway Secure & Open For Force XXI"

Information Warfare
An  Army  Perspective 


FM  100-6  (Draft) 

“INFORMATION  OPERATIONS” 

Continuous  COMBINED  ARMS  OPERATIONS  that  enable  and  protect  the 
commander’s decision cycle while influencing an opponent’s. Accomplished through
command  and  control  and  intelligence  operations,  Information  Operations  are 
conducted  across  the  full  range  of  military  operations. 


Information Warfare Is


DCSOPS 


•  Old  Security  Disciplines  Refocused 

•  An  Integrated  Strategy 

•  A  Changing  Paradigm 

•  An  Operational  Tool  for  the  Commander 

•  A  Combat  Multiplier 

• DOD's Evolution into the Information Wave

Tasking

• Address information system security issues for the
digital battlefield - focus initial efforts on Task Force
XXI AWE

•  Address  policy  for  planned  demonstrations 

• Conduct initial security review of documentation
supporting  Task  Force  XXI  AWE 
Threats and Vulnerabilities
to C2 Information Systems

[Diagram. Recoverable labels: C2 INFORMATION SYSTEMS; NATURAL DISASTERS; POLICY; HACKERS; CRIMINAL ELEMENT; UNTRAINED; TERRORISTS]

C2 Protect Development

and  Approach 


• Information Dominance is the New “High Ground”
Current Intelligence is key.

•  Protect,  Detect,  and  React 

•  C2  Protect  Program  Management  Plan:  Multiple 
Activities  with  Multiple  Security  Disciplines 

•  Training,  Personnel  (Spaces  and  Faces),  Tools 

•  Near  Term  Action  Items  from  the  C2  Protect  & 

AISS  Council  of  Colonels  .  .  . 

•  Long  Term  C2  Protect  Resourcing 

• What is the sensitivity of information being
processed? 

What  defined  security  levels  are  represented? 

•  Where  is  the  boundary  for  classified  information 
as  opposed  to  information  we  must  protect? 

•  What  is  the  structure  for  Accreditation? 

Who  is  the  Accreditor? 

Purpose of Army C2 Protect
Initiatives & Efforts

• Protect the Army’s Portion of the Defense
Information  Infrastructure  (DII) 

•  Synchronize  Army  Activities  in  C2  Protect 

•  Identify  Vulnerabilities  and  Constraints 

•  Define  Army  Staff  and  MACOM  Roles  for 
Protect 

•  Floor  Plan  for  C2  Protect  Developments 

•  Plan  for  C2  Protect  Resources 


C2  Protect  Development 

Concerns 


•  Inadequate  User  and  System  Administration  Training 

•  Funding  and  Resources 

•  Inadequate  Protect  and  Detect  Capability 

•  Army  Computer  Emergency  Response  Team  (CERT) 

• Validated Threat

•  Information  Sharing  Infrastructure 

•  System  Security  Engineering  Emphasis 

•  Sustaining  Base  Systems  Focus 


C2  Protect 


Keeping  The  Highway  Secure  &  Open  For  Force  XXI 

Training and Awareness is Key
to C2 Protect

“Our Troops must understand the threat and we must
provide the leadership to minimize it”.

“We must integrate Information Warfare realism into
training the force”
LTG Guenther
HQDA,  DISC4 
29  Mar  95 


C2  PROTECT 


DISC4 


DCSOPS 


Lead  Developers  and  Signatures  on  all  C2  Protect  Volumes 

In coordination with DCSOPS and DCSINT, DISC4
is responsible for implementing procedural and
material protective measures, to protect Command,
Control, Communications, and Computers (C4
Protect).


In  coordination  with  DCSOPS  and  DISC4, 
DCSINT  is  the  office  responsible  for  threat 
definition,  establishment  of  policy  and 
integrating  counter-intelligence  support  to 
protect  command  control  communications  and 
computers  (C4  Protect) 

DCSOPS C2 Protect Mission

The DCSOPS is the organization which has proponency
for  Information  Warfare  and  addresses  force 
modernization  issues  related  to  Information  Warfare. 
Operational  issues  concerning  Information  Warfare 
are  handled  within  the  Directorate  for  Operations, 
Readiness,  and  Mobilization.  DAMO-FDN  is 
responsible  for  the  development  and  dissemination  of 
Information  Warfare  Policy  for  the  Army. 

Land Information Warfare Activity

“LIWA”

MISSION:


Provide  DA  level  Information  Warfare/Command  and  Control 
Warfare  support  to  Land  Components  and  separate  Army  commands  to 
facilitate  planning  and  execution  of  Information  Operations.  Coordinate 
with  National,  Joint,  and  Service  IW/C2W  centers  to  exchange  and 
synchronize  intelligence  and  information  support  across  the  operational 
continuum. 


Land  Information  Warfare 

Activity 




Act  as  Operational  Focal  Point  for  IW 
Army  Staff  (DCSOPS/DCSINT/DISC4) 
Joint,  Service,  and  National  Agencies 
MACOMs  and  MSCs 


Arrange  for  and  Coordinate  Support  to  CDRs 
Coordinate and Deploy Field Support Teams

Integrate Compartmented Programs with Other
Activities 


C2  Protect  Issues 


• Computer Security

Software  /  Firmware  Assurance  Requirements 

Storage  Media 

Output  Media 

Certification 

Anti-Virus  Protection 

Passwords 

•  Security  Services 

Confidentiality 

Availability 

Integrity 

Identification  and  Authentication 
Access  Control 
Non-repudiation 


•  Communications  Security 

Key  Distribution 
Key  Management 

•  Network  Security 

Routers (IP Routing Tables)

Tactical  Name  Server 
IP  to  Host.Domain  Names 
Firewalls,  Guards 

In-line Network Encryptors

Limitations 

Security  Management 

• Personnel Security

•  Security  Standards 

Army Information Systems
are Under Attack


♦ Attacks are frequent and highly sophisticated

♦ Army had 90 reported penetrations in CY 94

♦  95%  of  detected  penetrations  go  unreported 

♦  This  means  that  Army  had  1800  detected 

♦  94%  of  penetrations  are  undetected 

♦  Total  penetrations  to  Army  approx  4500 


3/30/95 

How Do Intruders Get In


♦ Through commercial service providers

♦ 95% of DOD comms use commercial service


♦  MILNET  is  mostly  leased  commercial 
service 


♦  Run  automated  attack 

♦  Use  software  utility  tools  to  obtain  system 
info 

♦  Exploit  system  info  to  get  user  access 

What Intruders Can Do


♦  Obtain  password  file 

♦  Obtain  system  administrator  privileges 

♦  Plant  undetectable  programs 

♦  Change,  alter  or  destroy  information 

♦  Shut  down  system  (now  or  later) 

♦  Log  on  to  next  system  as  valid  user 

♦  Down  stream  liability  issue 

♦  Makes  Army  responsible  for  damage 

Example Internal Hacking

Classified info on unclas MILNET


♦ OSD budget info

♦ DIA reports with names & locations of individuals

♦ Air Force flights with dates, times, code names etc.

♦ Civ & Mil (AF) passing info to hacker network

♦ Member of Inauguration team selling access to
BCN


♦ Users from HQ DA extracting pornographic
material & games

Army
Systems

♦ Requested Vulnerability analysis by SAM

♦  Used  commonly  available  software  tools 

♦  Penetrated  in  5  min 

♦ Gained superuser (ROOT) access in 15 min

♦  Potential  impact  total  enemy  control  plus 

♦  trusted  launching  platform  to  other  syst 

♦  Penetration  was  not  noticed  or  reported 

♦ Hackers from Denmark

♦  Stole  information 

♦  When  hackers  were  discovered,  system 
was  shut  down 

♦  Minutes  after  bringing  system  up  the 
hackers  returned  and  took  control 

Example of Penetrations


♦ DSS-W

♦  3  MB  of  data  stolen 


♦  data  involved  contract  sensitive  information 

♦  ISC-P  Stopped  the  attack 

♦ ISC-P assisted in preventing subsequent attacks

Example - Pentagon Broadband
Cable Network (BCN)


♦ Unauthorized user from Swedish host logged in

❖ Executed several commands

❖ Possible loss of password file

❖ Unauthorized user from Virginia Tech host

❖ Repeated attempts using various user IDs

❖ Successful using system administrator's ID

❖ Unauthorized user from NASA host

❖ Logged into two different user accounts


Information Security
PROTECT




Education/Awareness 

Training 

Public  Forums 

Army  Information  Systems  Security  Council 

Policies  and  Procedures 

*  The  Army  Plan 

* AR 380-19

*  AR  25/70  series 

Land  Information  Warfare  Activity 

Army C2 Protect Library

C2 Protect Planning Evolves into AR XXX-XX

Current Members

DISC4  (Chair  Mr.  Loranger) 

(Chair Mrs. Bailey)

II AC  (Chair  MAJ  Ptaszynski) 


PEG  LEW  (Mr  Rabb) 
USAINSCOM  (CPT  Wade) 
DCSPER (LTC Brown)
DCSLOG  (DALO-ZB) 


DCSINT  (Mr.  Henson) 
DCSOPS  (Mr.  McDowell) 

Nil  (Mr.  Denison) 
USATRADOC (Mr. GilEin)
USASIGCEN (Mr. Riddle/Kidd)
USAICS (LTC Mitchell)
USAISC  (Mr.  Reardon) 
USAMC  (Mr.  Poh) 

LIWA  (Mrs.  Schalestock) 


OCAR( 

SAPDA  (Mr  York) 

DISA (D34 & GIS:S)
PEOC3 (TBD)

AGC  (Mr  Rothlein) 

US  AC  AC  (Mr.  Jackson) 
NGB  (Mr.  Marsteller) 

NSA  (DR  MaConachy) 
ADO  (Mr  Balough) 

USA  CAC  (TPIO) 
USAFORCMD  (Mr  Horton) 

ARMY ISSP REQUIREMENTS
WITHIN  FUNDING  PEGS 


DISC4 


MODERNIZATION  PEG 
AIRTERM 

BENIGN  FILL 


INFORMATION  MANAGEMENT  PEG 
Defense  Message  System 

MACOM 


AKMS  TIER  1  (EKMS) 


SECURE  TERMINAL  EQUIPMENT 


KIV-7 


KG-40A 


Multi  Information  System  Security  Initiative 


COMPUSEC 

FY94       FY95        FY96  FY97  FY98  FY99  FY00  FY01
94.4(52%)  45.9(-22%)  35.7  36.0  36.5  35.4  37.3  38.3

Summary


Funding,  Personnel,  Resourcing  and  Intelligence 
Integration  Remain  Greatest  Challenges 

Focus  on  Education,  Training,  and  Awareness 

C2  Protect  Roles  and  Responsibilities  are  Defined 

C2  Protect  Master  Training  Management  Plan  and 
Program  Management  Plan  are  in  Draft  and  C2 
Protect  Library  identified  and  on  Track 


